Delete audit logs
2. Delete all access audit events
Deleting audit log entries is done through API calls only.
Path
DELETE /api/v1/audits/access?type=[type]
Description
Deletes all access events of a specific type. In case type is not provided all access audits for every type will be removed. The possible 'types' for this command are:
-
docker
: Docker access audit -
kubernetes
: Kubernetes access audit (to Kubernetes master) -
swarm
: same as Kubernetes but for Docker Swarm -
sshd
: SSH audit to host -
sudo
: sudo commands audit on host
Status codes
-
200
- no error -
400
- bad request was provided
Example request
curl -X DELETE -u admin:<Password> 'https://<localhost>:8443/api/v1/audits/access?type=docker'
Example response
{}
3. Delete access audit event
Deleting audit log entries is done through API calls only.
Path
DELETE /api/v1/audits/access/[id]
Description
Deletes an access event with specific id.
Status codes
-
200
- no error -
400
- bad request was provided
Example request
curl -X DELETE -u admin:<Password> 'https://<localhost>:8443/api/v1/audits/access/580fd342b8aaba1000ec47be'
Example response
{}
The current set up enables user to delete entries at the access layer for each runtime sensor. To learn more on API calls, see the API reference. |